Mythic is a collaborative, multi-platform, red teaming framework that enables users to simulate attacks and test their defenses. It provides a flexible and customizable platform for red teaming, allowing users to create and manage their own attacks, and collaborate with others in real-time. Mythic supports multiple platforms, including Windows, Linux, and macOS, and provides a range of features such as payload generation, command and control, and post-exploitation capabilities. The framework is designed to be highly customizable, allowing users to create their own plugins and modules to extend its functionality. Additionally, Mythic provides a web-based interface for easy management and collaboration. Overall, Mythic is a powerful tool for red teaming and penetration testing, providing a flexible and customizable platform for simulating attacks and testing defenses.
FEATURES
ALTERNATIVES
A guide to bypassing RFID card reader security mechanisms using specialized hardware
A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.
Emulates Docker HTTP API with event logging and AWS deployment script.
A tool for performing hash length extension attacks against multiple hashing algorithms.
A Python script for creating a cohesive and up-to-date penetration testing framework.
A powerful enumeration tool for discovering assets and subdomains.
SharpEDRChecker scans system components to detect security products and tools.
Ebowla is a tool for generating payloads in Python, GO, and PowerShell with support for Reflective DLLs.
PINNED

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.